Submitted URL: https://exit.streamoptim.com/track/edm2?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86...
Effective URL: https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
Submission Tags: falconsandbox
Submission: On February 22 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::ac43:49bf, located in United States and belongs to CLOUDFLARENET, US. The main domain is tnetfibe.cotizac.ru.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2023. Valid for: 3 months.
This is the only time tnetfibe.cotizac.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 47.251.41.24 45102 (ALIBABA-C...)
1 78.135.80.21 207459 (AS-TEKNOS...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain | Subdomains | Transfer
8 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 6204 | 114 KB
7 cotizac.ru | tnetfibe.cotizac.ru | 118 KB
1 sarkli.com | wyhlgitx.sarkli.com | 2 KB
1 streamoptim.com | exit.streamoptim.com — Cisco Umbrella Rank: 64388 | 372 B
15 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects tnetfibe.cotizac.ru
challenges.cloudflare.com
wyhlgitx.sarkli.com
7 tnetfibe.cotizac.ru wyhlgitx.sarkli.com
tnetfibe.cotizac.ru
1 wyhlgitx.sarkli.com
1 exit.streamoptim.com 1 redirects
15 4

This site contains no links.

Subject | Issuer | Validity | Valid
*.cotizac.ru | GTS CA 1P5 | 2023-02-17 - 2023-05-18 | 3 months
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year

This page contains 2 frames:

Primary Page: https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
Frame ID: C1B1AB40D88E7D9D3220F200D9A0B885
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 0A4191DF8605AC1E7F2A2FFCB8298D12
Requests: 6 HTTP requests in this frame

Page Title

Loading...

Page URL History

  1. https://exit.streamoptim.com/track/edm2?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98... HTTP 302
    http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230... Page URL
  2. https://tnetfibe.cotizac.ru/Mger.bussing@atos.net Page URL

Page Statistics

Requests: 15
HTTPS: 87 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 235 kB
Size: 510 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://exit.streamoptim.com/track/edm2?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D&url=http%3A%2F%2Fwyhlgitx.sarkli.com%2F%3Fem%3Dger.bussing%40atos.net HTTP 302
    http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D Page URL
  2. https://tnetfibe.cotizac.ru/Mger.bussing@atos.net Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://exit.streamoptim.com/track/edm2?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D&url=http%3A%2F%2Fwyhlgitx.sarkli.com%2F%3Fem%3Dger.bussing%40atos.net HTTP 302
  • http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
wyhlgitx.sarkli.com/
Redirect Chain
  • https://exit.streamoptim.com/track/edm2?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-167...
  • http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_...
7 KB
2 KB
Document
General
Full URL
http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D
Protocol
HTTP/1.1
Server
78.135.80.21 Istanbul, Turkey, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software
/
Resource Hash
4671fc6d649b9ba50c88baa0f932a2a6550515948f1b402b795c9f454a13fdce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-encoding
gzip
content-length
1895
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 01:01:06 GMT
referrer-policy
same-origin
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 01:01:07 GMT
location
http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D
x-powered-by
PHP/7.3.3
Primary Request Mger.bussing@atos.net
tnetfibe.cotizac.ru/
7 KB
5 KB
Document
General
Full URL
https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
Requested by
Host: wyhlgitx.sarkli.com
URL: http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a316c1e05cb805ace7f0a3fec0e5ffea441000d3b68f8fa768373fb2acf5855f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79d3c9e9df273626-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 01:01:07 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QY1%2BqWstdj3hOAjMn0xLl6mtD%2BVA5BgM%2FK8V7zSKjtDpQZL1KhoMyaCgVX%2F9G9h7cldDcuHFuDgh93tCwv5Wx9TLuGQnLPNFXj%2B8KriWKSln5Op51Mme5UcukBh7TJwDGDBrGulDjlm6bSPUQUAQjk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
124 KB
44 KB
Script
General
Full URL
https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=79d3c9e9df273626
Requested by
Host: tnetfibe.cotizac.ru
URL: https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495d38e23b6a1d84701e34bd408b983f1c1f5733cbb497394996aa888b0b2b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnetfibe.cotizac.ru/Mger.bussing@atos.net?__cf_chl_rt_tk=6K3IoO6PRr0aH6KNo00jSM9OHxH2kaQgnmmCIZhJGLk-1677027667-0-gaNycGzNCeU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzufbxNPcTVyyNMD%2Bvi89BwaJhs9mmKo2uGSEPNuwC5F1HaLD%2F2aNI3rEZdG9zL7UvMWhWaNUsWnkYNjMwvGdkcC9qR%2Fz0rtdoS3FcPu%2Bo%2B9OUzWU91sEe0fQRViTfD3LVvbGwO3gsHUjnoYrxt3QZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
79d3c9ea0f493626-FRA
transparent.gif
tnetfibe.cotizac.ru/cdn-cgi/images/trace/managed/js/
42 B
219 B
Image
General
Full URL
https://tnetfibe.cotizac.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=79d3c9e9df273626
Requested by
Host: tnetfibe.cotizac.ru
URL: https://tnetfibe.cotizac.ru/Mger.bussing@atos.net?__cf_chl_rt_tk=6K3IoO6PRr0aH6KNo00jSM9OHxH2kaQgnmmCIZhJGLk-1677027667-0-gaNycGzNCeU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnetfibe.cotizac.ru/Mger.bussing@atos.net?__cf_chl_rt_tk=6K3IoO6PRr0aH6KNo00jSM9OHxH2kaQgnmmCIZhJGLk-1677027667-0-gaNycGzNCeU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2023 14:30:42 GMT
server
cloudflare
etag
"63ecec92-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
79d3c9ea0f4b3626-FRA
content-length
42
expires
Wed, 22 Feb 2023 03:01:07 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/6756a6af/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: tnetfibe.cotizac.ru
URL: https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88552553af10ffa83f22bb8e02c1b88809c85181ce2e45d5827f479eec1e4be1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:07 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
79d3c9ea9d98362a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
date
Wed, 22 Feb 2023 01:01:07 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
79d3c9ea7d87362a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
accept-encoding
dbbf3f550222998
tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7311234040018108:1677024993:wrnAt_PCAqTYxYG2CUDemIVsjEllz1KgN_5Rxd4N5w0/79d3c9e9df273626/
103 KB
64 KB
XHR
General
Full URL
https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7311234040018108:1677024993:wrnAt_PCAqTYxYG2CUDemIVsjEllz1KgN_5Rxd4N5w0/79d3c9e9df273626/dbbf3f550222998
Requested by
Host: tnetfibe.cotizac.ru
URL: https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=79d3c9e9df273626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b66e822a16c66726ccd3f4ba2ab9fe8c7d8cdb211f4139cf3c3ecbc9ffd1414

Request headers

Referer
https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge
dbbf3f550222998
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 01:01:07 GMT
content-encoding
br
cf_chl_gen
2OUWzFoDk59VpOwNEdeBSmYenuoxXlzVy/8aRAqzi35MPpKZnlZrX0FzMOnQXEbrtSzx3RHXGxdePznsOM6B3+hzHzP0P8aa+H7ZZfcT+/3jhOxvhsz5EG+IxJkvqfC2ZfETji1lm7paOcMEio7H1dkxb8EUrWH3S58rGhlvRmNNB06Mp2+tD2yCebz0xA6UxSamoW4bCEhYyt2tF7qi+JevexJYtb7z8kuQtaF6/lBowAWXR3lJVdwD8TzQDc+0LJlk20475bKIC2tpuPkds/5c5eOEtTPgxPRKLKpewEuPsE+HmqWWSXW6UBBUp0tnYuq3hxh3whLHBYKiLN/4sE4pJYv94ze9mEyMSO4ljORZCFj6ttv/aafGY6nkwIIApcnsSrYkn6himiY16jY2fg==$8aoCsl8nrImVoRoI0Imixg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOrq%2BKGsTbCeMt6KKtH0wMKVgEB%2F3oBF78uizCJMAEo2P1jIoH8GYYCH3ABQzeXN%2Ba8lEtnieGgiCm9W3cC4Ao0j64OIJXBe11YXMiSv7%2BJRKFfnl1594ccOJ9d%2B8uuDxLeT7MkrX4Vb0o4sVxy0ayI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79d3c9eaefec3626-FRA
2-e6q9uTGR5RRlY
tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/img/79d3c9e9df273626/1677027667680/
61 B
347 B
Image
General
Full URL
https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/img/79d3c9e9df273626/1677027667680/2-e6q9uTGR5RRlY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec914125f2d1fc093beb6cabc981048b3fdb7bab44b26b1c0798d50719c8a06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
79d3c9ec89153626-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwLl9%2FwPgTC7iFzAdwEgbZkFqBdhh6qhE9NnZQKhe5tqJCL9baECWqnkeE6l63FUnoi4hrG0xpRGkGNi1bk7Ym%2F2aBx3aSxRjRTxUIM3dN8iKpsa2700czNJgInfZcQXdIVl%2BAKbRRevjr1cQInI%2Fik%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
IhcU3JO5E6tW5Zk
tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/pat/79d3c9e9df273626/1677027667681/ee188b9bf4185edfe0e0fb5f3254d186c6f3d82cd2dfff3ae9fb9ec8767c7eb6/
1 B
780 B
Fetch
General
Full URL
https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/pat/79d3c9e9df273626/1677027667681/ee188b9bf4185edfe0e0fb5f3254d186c6f3d82cd2dfff3ae9fb9ec8767c7eb6/IhcU3JO5E6tW5Zk
Requested by
Host: wyhlgitx.sarkli.com
URL: http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:07 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g7hiLm_QYXt_g4PtfMlTRhsbz2CzS3_866fueyHZ8frYAE3RuZXRmaWJlLmNvdGl6YWMucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvU0PH_Q7Pnf8hW_hxUpGAyuO8_Fq741wSGoWWWE4Fs6o4d9YAQmB8NJZKwtjC6kXQm-9iJm-2-l5Zd0u7iaXIdcfAf-g7V6jK6ZV4Vd3kqVDWPojMTgzY8UC9CkOJ6rkMeClcILaPTAe0-1efD7yNnOuChC15xCuBNDcsS22KLYU6XVzx8JCht1szeDhpWPGa9zXPYFm4jrEzIApawuy9xhPO2-m0TGqzv3IRG20R2cnjdsgiziiIXGmM3QAE_quSNOQW77EIvWEfliyclxt1_mXVBltEAEwAVU69X-6l2XNIt_2DNgSy9KNFZoCbGbxJN7_L7ebWE9lG8qtBsD9HQIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
79d3c9ec99263626-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAhpj8vAIUmvoBYbrdgQPOWj8ED0UdwMEsGqaiZuftjOGdQqdwNvylYX3LCx3TYHEJ1kmwYzuPEo7A%2Famn%2FRQSi8lTMTm8MU7ZuaXuCyRnyO8piZMJ6oDVTm5QNTLK0JTzuqAU%2BmF6wIXSqibWoYfF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
dbbf3f550222998
tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7311234040018108:1677024993:wrnAt_PCAqTYxYG2CUDemIVsjEllz1KgN_5Rxd4N5w0/79d3c9e9df273626/
5 KB
4 KB
XHR
General
Full URL
https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7311234040018108:1677024993:wrnAt_PCAqTYxYG2CUDemIVsjEllz1KgN_5Rxd4N5w0/79d3c9e9df273626/dbbf3f550222998
Requested by
Host: tnetfibe.cotizac.ru
URL: https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=79d3c9e9df273626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f877b1a5479c03a6f88b0a05ee13c4fd7688b14fa4246aa0726c24247361c7b

Request headers

Referer
https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge
dbbf3f550222998
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 01:01:08 GMT
content-encoding
br
cf_chl_gen
S7ZNrj+T35nEx4/gCaC21cR7ofkK68Ix8igHRr/Wl+A=$B5HQXSVGu7h9cqx//kc8OA==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJwK0pEgFFL74XzL1TMvtcpS1d4e%2FUr2mp93DqhqBYwnwhP46u6uatuBTGVaV3EFQxSWMbxlMAV4GBMT1kdBu%2FIs2BcM%2FZ3VJYdsMnB2lOjgAaYNtmlT6oK3FKCxzSyYlPVEmRNO9fNGb%2BE1FUhiTo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79d3c9f2ce003626-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 0A41
19 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a498883b7b8ec481e073d7f703e4a4db0bb17a12e8c0b59ec84f9bf25904e44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
79d3c9f32e543647-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 01:01:08 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 0A41
127 KB
45 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79d3c9f32e543647
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe9723b16ad6a5e86d5af9be1cea1151821c6ab0086f2f59e312ebbcbff8d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:09 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
79d3c9f34e6e3647-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
dca94739cd03327
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7996706214652285:1677024950:FdK_-fe5myucA6-3-NdxgyTcBl6Fw86dMzzqx3CV_hU/79d3c9f32e543647/ Frame 0A41
92 KB
48 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7996706214652285:1677024950:FdK_-fe5myucA6-3-NdxgyTcBl6Fw86dMzzqx3CV_hU/79d3c9f32e543647/dca94739cd03327
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79d3c9f32e543647
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2e8601bdf16397b386569d7254a7b4a34c14785a1f18f221db5d20deaf480a

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge
dca94739cd03327
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 01:01:09 GMT
content-encoding
br
cf_chl_gen
7I/tBR7ZEKhU4QuAAqhqkPZYzvHHR00x/erKKUfO2TBkJ/d0HYeMlZpmLPGI/CwmH+/NtHzYHQS7tSLuSM/wa9P4RJoJfx3L4+2nKM/wDjypVR0No8f86O0JF2Sn15ju+tow6cKRoNfT2wUSwnq7hx2xhcGS8mj3zKIAjzRSuHRDyXoNIn0301LpmNktpbcca7pWusn8rh5RgVU7TohVitkHzjjYn7fxUWoyu+2W+gpoxA0IQ/xkK1dmL73pw92bHvwC73+tnUbA+lzTfaMjHSBrbcu0bNDHI5o5Twskq+usnrLAUZjs8nyqk1vcdHujv/ljfBU58td6UhQOyPCoqw==$MP3I6MzN76uo5NfFeBo//w==
server
cloudflare
cf-ray
79d3c9f44f1c3647-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
Zv9iDLkha__7eq7
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79d3c9f32e543647/1677027669171/0ef879905c35ef95ef2e27f57d2a9f14d5e956da917609fa11eb0bca97440fd6/ Frame 0A41
1 B
647 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79d3c9f32e543647/1677027669171/0ef879905c35ef95ef2e27f57d2a9f14d5e956da917609fa11eb0bca97440fd6/Zv9iDLkha__7eq7
Requested by
Host: wyhlgitx.sarkli.com
URL: http://wyhlgitx.sarkli.com/?em=ger.bussing@atos.net?utm_source=stream&utm_medium=edm&utm_campaign=20230130-6%E4%BC%98%E6%96%B0-6%E7%88%86-%E4%BC%9A%E5%91%98-yjh&stream_ukey=5v3001rgx383&stream_msg_no=76867-1675027872-3097-p1&lan=en&stream_m=eyJtb2RlIjoyLCJjb2RlIjoiU1dWSVAyMCIsImRlc2MiOiIgVklQLUV4Y2x1c2l2ZSAyMCUgT2ZmIFVzZWQgb24gVHVlc2RheXMgT25seSFcdWQ4M2NcdWRmODFcdWZlMGYifQ%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:09 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gDvh5kFw175XvLif1fSqfFNXpVtqRdgn6EesLypdED9YAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvU0PH_Q7Pnf8hW_hxUpGAyuO8_Fq741wSGoWWWE4Fs6o4d9YAQmB8NJZKwtjC6kXQm-9iJm-2-l5Zd0u7iaXIdcfAf-g7V6jK6ZV4Vd3kqVDWPojMTgzY8UC9CkOJ6rkMeClcILaPTAe0-1efD7yNnOuChC15xCuBNDcsS22KLYU6XVzx8JCht1szeDhpWPGa9zXPYFm4jrEzIApawuy9xhPO2-m0TGqzv3IRG20R2cnjdsgiziiIXGmM3QAE_quSNOQW77EIvWEfliyclxt1_mXVBltEAEwAVU69X-6l2XNIt_2DNgSy9KNFZoCbGbxJN7_L7ebWE9lG8qtBsD9HQIDAQAB, max-age=20
server
cloudflare
cf-ray
79d3c9f5f82b3647-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
oIhNJPlk7tHAsG6
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/79d3c9f32e543647/1677027669171/ Frame 0A41
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/79d3c9f32e543647/1677027669171/oIhNJPlk7tHAsG6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e350ab89cd4bfde1ceec8f3064c87847fbf9b381777ee00d5be0e85481915d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:01:09 GMT
server
cloudflare
cf-ray
79d3c9f6083e3647-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
dca94739cd03327
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7996706214652285:1677024950:FdK_-fe5myucA6-3-NdxgyTcBl6Fw86dMzzqx3CV_hU/79d3c9f32e543647/ Frame 0A41
11 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7996706214652285:1677024950:FdK_-fe5myucA6-3-NdxgyTcBl6Fw86dMzzqx3CV_hU/79d3c9f32e543647/dca94739cd03327
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79d3c9f32e543647
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0839aba145f3199d3a7b4cc6a5d6d76e782186b3bea90e11c73e9203c8972689

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/vme6z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge
dca94739cd03327
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 01:01:10 GMT
content-encoding
br
cf_chl_gen
PzpEE9rn5Y7DRb12IP3l3feJLhlg9Ilxew39RIAb0T8=$CA3kPvQCnXVBxhzjafVHag==
server
cloudflare
cf-ray
79d3c9f96a653647-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| oncontentvisibilityautostatechange
object| _cf_chl_opt
function| SHA256
function| sendRequest
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| _cf_chl_turnstile_l
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded
object| _
undefined| _cf_gcr

1 Cookies

Domain/Path Name / Value
.challenges.cloudflare.com/ Name: __cf_bm
Value: 5IBExWma4p33xDpB2bAqyTzi8oz6DwumNeAqDxIICSQ-1677027667-0-AW6mpdUAzWlb2PJo50VV6wCMA82SUsGuLYu8PfDQAXlTCCbKW+LaSKt3H3/22PMQE6ge2Y0id+ukeliPAiOXbmA=

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://tnetfibe.cotizac.ru/Mger.bussing@atos.net
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tnetfibe.cotizac.ru/cdn-cgi/challenge-platform/h/g/pat/79d3c9e9df273626/1677027667681/ee188b9bf4185edfe0e0fb5f3254d186c6f3d82cd2dfff3ae9fb9ec8767c7eb6/IhcU3JO5E6tW5Zk
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79d3c9f32e543647/1677027669171/0ef879905c35ef95ef2e27f57d2a9f14d5e956da917609fa11eb0bca97440fd6/Zv9iDLkha__7eq7
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block